How Ransomware Infects Computers

One of the fastest growing areas of cybercrime is ransomware — a family of malware that takes a computer or its data hostage in effort to extort money from its victims. Ransomware is responsible for damaging or destroying computer files and causing loss of business for enterprises with compromised computers. You can help avoid this growing online danger by learning more about how ransomware targets victims.

Here are some of the ways computers and mobile devices can be infected:

Links in emails or messages in social networks — In this type of attack, the victim clicks a malicious link in an email attachment or a message on a social networking site.

Pay per install — This popular method attacks computers that are already part of a botnet (a group of infected computers under the control of criminals called botmasters) — further infecting them with additional malware. Bot herders, criminals who look for security vulnerabilities, are paid to find these opportunities.

Drive-by downloads — This form of ransomware is installed when a victim clicks on a compromised website. McAfee Labs researchers have seen an increase in drive-by downloads. In particular, users of some streaming video portals have been hit.

Ransomware is difficult to track because many people do not realize they are victims of a crime — and even if they do, they are reluctant to report it. But there is evidence that it is a worldwide cybercrime problem with a high number of victims. Authorities from around the world have issued warnings about this threat. Europol held an expert meeting to combat the spread of “police ransomware,” and the German Federal Office for Information Security and the FBI have issued numerous warnings about ransomware.